Notice of Privacy Practices
Effective Date: January 1, 2025 · Last Revised: May 28, 2026
THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
About Just Insurance Svcs
Just Insurance Svcs is a Florida-licensed insurance agency (License #L047919) located at 28927 S Dixie Hwy, Homestead, FL 33033. We assist individuals and families with health insurance enrollment through the ACA Marketplace, Medicare plans, and other insurance products. In connection with these services, we may receive, use, and disclose Protected Health Information (PHI) as defined by the HIPAA Privacy Rule (45 CFR Part 164).
This Notice applies to all PHI we create, receive, maintain, or transmit in connection with our health insurance services. It does not apply to information collected solely in connection with non-health insurance products (auto, home, life, commercial) unless that information is combined with health information.
Our Legal Duties
We are required by law to:
- Maintain the privacy and security of your Protected Health Information (PHI).
- Provide you with this Notice of our legal duties and privacy practices with respect to your PHI.
- Notify you following a breach of unsecured PHI as required by 45 CFR §§ 164.400–414.
- Follow the terms of the Notice currently in effect.
- Not use or disclose your PHI in a manner not described in this Notice without your written authorization, except as permitted or required by law.
How We May Use and Disclose Your Health Information
Uses and Disclosures That Do Not Require Your Authorization
The HIPAA Privacy Rule permits us to use and disclose your PHI without your written authorization for the following purposes:
Treatment
We may use and disclose your PHI to facilitate your enrollment in a health plan and to coordinate with healthcare providers or health plans as necessary to support your coverage. For example, we may share your health information with an insurance carrier to determine your eligibility for a specific plan.
Payment
We may use and disclose your PHI to assist with premium payment processing, subsidy determination (APTC), and billing activities related to your health insurance coverage.
Health Care Operations
We may use and disclose your PHI for our internal business operations, including quality assessment, staff training, compliance audits, and business planning, as permitted by 45 CFR § 164.506.
Required by Law
We may disclose your PHI when required by federal or state law, including disclosures to the U.S. Department of Health and Human Services (HHS), the Centers for Medicare & Medicaid Services (CMS), the Florida Department of Financial Services (DFS), or law enforcement as required by applicable statutes.
Public Health Activities
We may disclose your PHI to public health authorities authorized to collect or receive such information for the purpose of preventing or controlling disease, injury, or disability, as permitted by 45 CFR § 164.512(b).
Health Oversight Activities
We may disclose your PHI to health oversight agencies (such as HHS Office for Civil Rights or state insurance regulators) for activities authorized by law, including audits, investigations, inspections, and licensure.
Business Associates
We may share your PHI with our Business Associates — vendors and service providers who perform functions on our behalf — provided we have a written Business Associate Agreement (BAA) in place requiring them to protect your PHI in accordance with HIPAA. Our Business Associates include our agency management system (EZlynx) and IT service providers.
Serious Threats to Health or Safety
We may use or disclose your PHI if we believe in good faith that such use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public, as permitted by 45 CFR § 164.512(j).
Uses and Disclosures That Require Your Written Authorization
The following uses and disclosures of your PHI require your written authorization (45 CFR § 164.508):
- Marketing: We will not use your PHI for marketing purposes without your written authorization, except for face-to-face communications or promotional gifts of nominal value. This includes all CMS-regulated marketing activities for Medicare Advantage and Part D plans.
- Sale of PHI: We will not sell your PHI without your written authorization.
- Psychotherapy Notes: We will not use or disclose psychotherapy notes without your written authorization (if applicable).
- Any Other Use Not Described in This Notice: Any use or disclosure of your PHI not described in this Notice requires your prior written authorization.
You may revoke any authorization you have given us at any time, in writing. Your revocation will not affect any actions we took in reliance on your authorization before we received your revocation.
Your Rights Regarding Your Health Information
You have the following rights with respect to your PHI. To exercise any of these rights, please submit a written request to our Privacy Officer (contact information below).
Right to Inspect and Copy Your PHI (45 CFR § 164.524)
You have the right to inspect and obtain a copy of your PHI that we maintain in a designated record set. We will provide access within 30 days of your request (or 60 days if the records are stored off-site). We may charge a reasonable, cost-based fee for copies. We may deny access in limited circumstances as permitted by law.
Right to Request Amendment (45 CFR § 164.526)
You have the right to request that we amend your PHI if you believe it is inaccurate or incomplete. We will respond within 60 days. We may deny your request if the information was not created by us, is not part of our designated record set, is not available for inspection, or is accurate and complete.
Right to an Accounting of Disclosures (45 CFR § 164.528)
You have the right to request an accounting of certain disclosures of your PHI made by us during the six years prior to your request. This right does not apply to disclosures made for treatment, payment, or health care operations, or disclosures made with your authorization.
Right to Request Restrictions (45 CFR § 164.522)
You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or health care operations. We are not required to agree to your request unless the restriction is on a disclosure to a health plan for payment or health care operations purposes and you have paid for the service in full out of pocket. If we agree to a restriction, we will comply with it except in emergencies.
Right to Request Confidential Communications (45 CFR § 164.522(b))
You have the right to request that we communicate with you about your PHI in a certain way or at a certain location. For example, you may ask us to contact you only by email or only at a specific phone number. We will accommodate reasonable requests.
Right to a Paper Copy of This Notice (45 CFR § 164.520)
You have the right to receive a paper copy of this Notice at any time, even if you have agreed to receive it electronically. Contact us to request a paper copy.
Right to Notification of Breach (45 CFR §§ 164.400–414)
You have the right to receive notification in the event of a breach of your unsecured PHI. We will notify you without unreasonable delay and no later than 60 days following discovery of a breach, as required by the HITECH Act and the HIPAA Breach Notification Rule.
Special Protections for Medicare Beneficiaries
As a CMS-regulated agent/broker, we are subject to additional requirements under 42 CFR §§ 422.2274 and 423.2274 regarding the use of Medicare beneficiary information:
- We will not use your Medicare beneficiary information for marketing purposes without your express written consent.
- We will not share your Medicare beneficiary information with non-affiliated third parties for marketing purposes.
- We are required to maintain a Scope of Appointment (SOA) form documenting your consent to discuss specific Medicare plan types before any sales meeting.
- We are required to maintain records of all marketing materials and enrollment activities for a minimum of 10 years.
- We will not provide gifts, payments, or other remuneration to influence your enrollment decisions, except as permitted by CMS.
- We will not conduct unsolicited door-to-door marketing or cold calling for Medicare products.
To report a concern about our Medicare marketing practices, you may contact CMS at medicare.gov or call 1-800-MEDICARE (1-800-633-4227).
ACA Marketplace and Health Insurance Consent
For ACA Marketplace enrollments, we are required to obtain your written consent before accessing your Marketplace account or submitting an application on your behalf. This consent is documented through our Health Insurance Consent Form, which:
- Identifies Just Insurance Svcs as your authorized agent of record.
- Specifies the scope of our authority to act on your behalf.
- Complies with CMS requirements for agent/broker consent documentation.
- Is retained for a minimum of 10 years as required by CMS.
You may revoke your consent at any time by contacting us in writing. Revocation of consent will not affect actions taken prior to revocation.
How to File a Complaint
If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.
File a Complaint With Us
Contact our Privacy Officer in writing. We will investigate and respond within 30 days.
File a Complaint With HHS
U.S. Department of Health and Human Services, Office for Civil Rights.
You may also contact the Florida Department of Financial Services at myfloridacfo.com or 1-877-693-5236 for complaints related to Florida insurance regulations.
Changes to This Notice
We reserve the right to change this Notice and to make the revised Notice effective for PHI we already have about you as well as any PHI we receive in the future. We will post the current Notice on our website and make it available upon request. The effective date of the current Notice is listed at the top of this document. We will provide you with a revised Notice if we make material changes to our privacy practices.
Contact Our Privacy Officer
For questions about this Notice or to exercise your rights, contact:
Just Insurance Svcs — Privacy Officer
Florida Insurance License #L047919